Glitch: sys-net and sys-firewall start without "Start VM automatically on boot" setting enabled
49 views
Skip to first unread message
Marc de Bruin
May 15, 2016, 4:21:54 AM5/15/16
to qubes-users
Lo,
Although I explicitly removed the checkbox at "Start VM automatically on
boot" for both sys-net and sys-firewall, they do start on boot.
No other domain is starting at boot.
Bug? Some other configuration change I need to make?
Greetz,
Marc.
Although I explicitly removed the checkbox at "Start VM automatically on
boot" for both sys-net and sys-firewall, they do start on boot.
No other domain is starting at boot.
Bug? Some other configuration change I need to make?
Greetz,
Marc.
Andrew David Wong
May 15, 2016, 6:35:33 AM5/15/16
to Marc de Bruin, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Is sys-firewall set as the UpdateVM? If so, perhaps it could have
something to do with that. You can try changing that setting in Qubes
Manager.
To check the autostart settings for those VMs (in dom0):
$ qvm-prefs -l sys-net | grep autostart
$ qvm-prefs -l sys-firewall | grep autostart
To explicitly turn off autostart:
$ qvm-prefs -s sys-net autostart false
$ qvm-prefs -s sys-firewall autostart false
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXOFDvAAoJENtN07w5UDAwGxYQAMxrgSSrBqSVuhJGkOSJRv0s
22tRz9fCLuACKzHVgQZcuwLx2P1Oq693utNnhOziEOLwZ1NoNrrMQk7hAvc+qaNX
p7Rc/dE0D7pbT+awJKOM/8to7ieWvevfRzp/tADkbNf7GkeB1MwG+jAuQ3FiKN5w
09lTo8beevHrQ1DKy/V/8Mla+YK4+FX1LmFEggL37jpucNmbb1VAEMLkxDoRduGp
Rergm/CCuwlrRaNteuxMSm619c+Jjgf8l/nsFw1kvftrjDssZsex1GxxZO7U+EsZ
CYcD6U1Ae0jaeGWb7L5UQWnDSQ21JxWNWETXcDXQhL1IXSAyHH2EW8eW9ViMGCEx
YeLXFroQDBIDOzz99BYHWKsiE9pJXARmnisJqpVBXRWfvzlJVmvUG9BGqhD09LTj
b+cZ3ku9A2pPX/zRKbzMp2tD6MPi6SRwbPEmPpHpj+Bpbx+3V3c7wWBWfS+BY3RA
pf9cOuuVMgZS79hzMfupRnZf8DZ9HHqtCbTgmx3bTUmIXltBNCOJxH69YaJaWP/2
ruf5X72f4eSt3LaShkFmNwwysk3Zv0l1toGppacf5IWb3/wMx4bdiJhB440dKBm2
xmeQQ25q/UeHywjFKgQv5zI6SYzh5vIAevUqcYOZReN19pUiI6g/ClXZ+gqk2dOF
ovM1O0qFimmWN8L6adhj
=Gl2t
-----END PGP SIGNATURE-----
Hash: SHA512
something to do with that. You can try changing that setting in Qubes
Manager.
To check the autostart settings for those VMs (in dom0):
$ qvm-prefs -l sys-net | grep autostart
$ qvm-prefs -l sys-firewall | grep autostart
To explicitly turn off autostart:
$ qvm-prefs -s sys-net autostart false
$ qvm-prefs -s sys-firewall autostart false
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJXOFDvAAoJENtN07w5UDAwGxYQAMxrgSSrBqSVuhJGkOSJRv0s
22tRz9fCLuACKzHVgQZcuwLx2P1Oq693utNnhOziEOLwZ1NoNrrMQk7hAvc+qaNX
p7Rc/dE0D7pbT+awJKOM/8to7ieWvevfRzp/tADkbNf7GkeB1MwG+jAuQ3FiKN5w
09lTo8beevHrQ1DKy/V/8Mla+YK4+FX1LmFEggL37jpucNmbb1VAEMLkxDoRduGp
Rergm/CCuwlrRaNteuxMSm619c+Jjgf8l/nsFw1kvftrjDssZsex1GxxZO7U+EsZ
CYcD6U1Ae0jaeGWb7L5UQWnDSQ21JxWNWETXcDXQhL1IXSAyHH2EW8eW9ViMGCEx
YeLXFroQDBIDOzz99BYHWKsiE9pJXARmnisJqpVBXRWfvzlJVmvUG9BGqhD09LTj
b+cZ3ku9A2pPX/zRKbzMp2tD6MPi6SRwbPEmPpHpj+Bpbx+3V3c7wWBWfS+BY3RA
pf9cOuuVMgZS79hzMfupRnZf8DZ9HHqtCbTgmx3bTUmIXltBNCOJxH69YaJaWP/2
ruf5X72f4eSt3LaShkFmNwwysk3Zv0l1toGppacf5IWb3/wMx4bdiJhB440dKBm2
xmeQQ25q/UeHywjFKgQv5zI6SYzh5vIAevUqcYOZReN19pUiI6g/ClXZ+gqk2dOF
ovM1O0qFimmWN8L6adhj
=Gl2t
-----END PGP SIGNATURE-----
Marek Marczykowski-Górecki
May 15, 2016, 6:38:56 AM5/15/16
to Marc de Bruin, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Default netvm (and other VMs required by it) is started at boot,
regardless of its autostart setting. If you really want, you can disable
qubes-netvm service (via systemctl), but I'd expect some problems then.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXOFG3AAoJENuP0xzK19csZK8H/jvnFZLvAv5ps0PKHJ5Ufzlv
/M3Ji/WfEhFBL6+/iyEi6ZmEBt95y/tkzn/7kUehSE88BDdrLbuqB5bVJkoKhzGT
iCGFIYlzoBPDMbhmkUxnp+a8FfgKT1uUvNsIVFLCmuWJVjNjojR47vAE7aaOSaNX
l5vTXb1ZXdZuhIo3TKaLT2DJYf7BDaVV2QBalXY/QJL4PxXoHuaQXPzc7j4qSVBd
OP8xBJVTBbVELADxGOe2wKNDey3QETMz3QBoKAjD0aNsr3b6D9BI/nWWNIjlJCiO
sHB0FWjiHhp4LbCStMF9iSE2sv+1B7nwAq3+/3U76i27MvMOmbtrHs7faMLScWg=
=A6/6
-----END PGP SIGNATURE-----
Hash: SHA256
regardless of its autostart setting. If you really want, you can disable
qubes-netvm service (via systemctl), but I'd expect some problems then.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXOFG3AAoJENuP0xzK19csZK8H/jvnFZLvAv5ps0PKHJ5Ufzlv
/M3Ji/WfEhFBL6+/iyEi6ZmEBt95y/tkzn/7kUehSE88BDdrLbuqB5bVJkoKhzGT
iCGFIYlzoBPDMbhmkUxnp+a8FfgKT1uUvNsIVFLCmuWJVjNjojR47vAE7aaOSaNX
l5vTXb1ZXdZuhIo3TKaLT2DJYf7BDaVV2QBalXY/QJL4PxXoHuaQXPzc7j4qSVBd
OP8xBJVTBbVELADxGOe2wKNDey3QETMz3QBoKAjD0aNsr3b6D9BI/nWWNIjlJCiO
sHB0FWjiHhp4LbCStMF9iSE2sv+1B7nwAq3+/3U76i27MvMOmbtrHs7faMLScWg=
=A6/6
-----END PGP SIGNATURE-----
Marc de Bruin
May 15, 2016, 7:12:56 AM5/15/16
to Marek Marczykowski-Górecki, qubes-users
On 05/15/2016 12:38 PM, Marek Marczykowski-Górecki wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Sun, May 15, 2016 at 10:21:50AM +0200, Marc de Bruin wrote:
>> Lo,
>>
>> Although I explicitly removed the checkbox at "Start VM automatically on
>> boot" for both sys-net and sys-firewall, they do start on boot.
>>
>> No other domain is starting at boot.
>>
>> Bug? Some other configuration change I need to make?
> Default netvm (and other VMs required by it) is started at boot,
> regardless of its autostart setting. If you really want, you can disable
> qubes-netvm service (via systemctl), but I'd expect some problems then.
>
>
Then it should not be possible to disable that checkbox in the first
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On Sun, May 15, 2016 at 10:21:50AM +0200, Marc de Bruin wrote:
>> Lo,
>>
>> Although I explicitly removed the checkbox at "Start VM automatically on
>> boot" for both sys-net and sys-firewall, they do start on boot.
>>
>> No other domain is starting at boot.
>>
>> Bug? Some other configuration change I need to make?
> Default netvm (and other VMs required by it) is started at boot,
> regardless of its autostart setting. If you really want, you can disable
> qubes-netvm service (via systemctl), but I'd expect some problems then.
>
>
place, IMHO.
Greetz,
Marc.
wes....@gmail.com
Dec 23, 2016, 12:12:13 AM12/23/16
to qubes-users
@marc
You are right, unchecking the box "should" make them not startup. I'm sure you've already figured it out but for anyone else that finds this page I'll post the answer.
Go to /etc/systemd/system/ and comment out the line in "qubes_netvm.service" that tells the default netvm to start. Bam...
This must be done for me because everytime I restart the box I have no connection in sysnet which requires me to do various steps in order to have sysnet actually connect to the internet...very annoying. Searched for that fix but haven't figured it out yet.
B4U2DO
Andrew David Wong
Dec 23, 2016, 3:53:36 AM12/23/16
to wes....@gmail.com, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2016-12-22 21:12, wes....@gmail.com wrote:
> @marc
>
> You are right, unchecking the box "should" make them not startup.
Tracking this UX issue:
https://github.com/QubesOS/qubes-issues/issues/2533
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYXOYHAAoJENtN07w5UDAwFwkQAMEGiOD6iNjGm7IVoH6JSrm8
JqXxnBotCrRTrbzI5eNJKJDJKC8uxLLY/UAewDU9zaRd1+Tj/ZoV2Khb0IABTeS6
9Z+mBFTeFmZQHSGBmU16YzXgO2MllVJQs6XeOOi183QAV/Llu6sOhVT1odCuBZ8Y
BwQJZdrc+3aV0FPcVQHf0CAxRNLotAFq9KaIOxyBijv7JlMt/8+IkvDXq76lpHDq
ZMeL6UvH8dTQaVNKe6aZ+NPMpZAd6qn4WBE3PVdlHBALyAhokGZgmqaas9a6E8pZ
AmuZuylpJiAjOf1mPCU1QpfByJp+ObFvh3WzpaVXySGP50F+O5BTZqI3oq+sGvLi
60LMrF68TnLRJyKOuhzOD+ZRitKx/50KlA/KkPPyrcyU8UHSzwpdZWSvm6Vwgc3p
YAX4K2LSm0wEIpvVE9+3XjQhBB/qenQiRQ3+5FvmjoPpuy2gF6GuDvzeEXO886S4
VWc17QxU5WQlZOoZiiIWAhREgf+/M8VahIbQ/BaKP6VZ4disGzudpeCchRYG88s7
MJDqzB0yPQTRHhV0cTrqq/fqFIHYsePch4SyQTIFFInFXg8iBi3t+kWrh2zNSiyb
2BEo++102bV59lNoRPytFv0yKtV4LWhfajDuD7gGXj58OknMxW0NeqbRG4Pf2XbI
RrCjUHBt2jxIm/37pCon
=H7YM
-----END PGP SIGNATURE-----
Hash: SHA512
On 2016-12-22 21:12, wes....@gmail.com wrote:
> @marc
>
> You are right, unchecking the box "should" make them not startup.
https://github.com/QubesOS/qubes-issues/issues/2533
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
JqXxnBotCrRTrbzI5eNJKJDJKC8uxLLY/UAewDU9zaRd1+Tj/ZoV2Khb0IABTeS6
9Z+mBFTeFmZQHSGBmU16YzXgO2MllVJQs6XeOOi183QAV/Llu6sOhVT1odCuBZ8Y
BwQJZdrc+3aV0FPcVQHf0CAxRNLotAFq9KaIOxyBijv7JlMt/8+IkvDXq76lpHDq
ZMeL6UvH8dTQaVNKe6aZ+NPMpZAd6qn4WBE3PVdlHBALyAhokGZgmqaas9a6E8pZ
AmuZuylpJiAjOf1mPCU1QpfByJp+ObFvh3WzpaVXySGP50F+O5BTZqI3oq+sGvLi
60LMrF68TnLRJyKOuhzOD+ZRitKx/50KlA/KkPPyrcyU8UHSzwpdZWSvm6Vwgc3p
YAX4K2LSm0wEIpvVE9+3XjQhBB/qenQiRQ3+5FvmjoPpuy2gF6GuDvzeEXO886S4
VWc17QxU5WQlZOoZiiIWAhREgf+/M8VahIbQ/BaKP6VZ4disGzudpeCchRYG88s7
MJDqzB0yPQTRHhV0cTrqq/fqFIHYsePch4SyQTIFFInFXg8iBi3t+kWrh2zNSiyb
2BEo++102bV59lNoRPytFv0yKtV4LWhfajDuD7gGXj58OknMxW0NeqbRG4Pf2XbI
RrCjUHBt2jxIm/37pCon
=H7YM
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages